PHP Code:
<div class="adm_tit"><?php echo $admingmp['53']; ?></div>
<form action="index.php?act=admin&do=clans" method="post">
<table width="350" align="center" height="60" border="0" style="font-weight:bold; color:#FF3300;">
<tr><td><?php echo $admingmp['42'].' :'; ?></td><td><input type="text" name="clanname" class="tbl_colbor" /></td></tr>
<tr><td><?php echo $admingmp['54'].' :'; ?></td><td><input type="text" name="wins" class="tbl_colbor" /></td></tr>
<tr><td><?php echo $admingmp['55'].' :'; ?></td><td><input type="text" name="losses" class="tbl_colbor" /></td></tr>
<tr><td><?php echo $admingmp['56'].' :'; ?></td><td><input type="text" name="draws" class="tbl_colbor" /></td></tr>
<tr><td><?php echo $admingmp['57'].' :'; ?></td><td><input type="text" name="points" class="tbl_colbor" /></td></tr>
<tr><td><?php echo $admingmp['179'].' :'; ?></td><td><input type="text" name="emblem" class="tbl_colbor" /></td></tr>
<tr><td></td><td width="130" align="right"><input type="submit" name="changestats" value="<?php echo $admingmp['4']; ?>" /></td></tr>
</table>
</form>
<div class="tbl_errmes">
<?php
if(isset($_POST['changestats'])){
$clanname = anti_injection($_POST['clanname']);
$getclanstats = mssql_query("SELECT Wins, Losses, Draws, Point, EmblemUrl FROM Clan WHERE Name = '$clanname'");
$getx = mssql_fetch_assoc($getclanstats);
if(anti_injection($_POST['wins']) == "")
{
$wins = $getx['Wins'];
}
else
{
$wins = anti_injection($_POST['wins']);
}
if(anti_injection($_POST['losses']) == "")
{
$losses = $getx['Losses'];
}
else
{
$losses = anti_injection($_POST['losses']);
}
if(anti_injection($_POST['draws']) == "")
{
$draws = $getx['Draws'];
}
else
{
$draws = anti_injection($_POST['draws']);
}
if(anti_injection($_POST['points']) == "")
{
$points = $getx['Point'];
}
else
{
$points = anti_injection($_POST['points']);
}
if(anti_injection($_POST['emblem']) == "")
{
$emblem = $getx['EmblemUrl'];
}
elseif($getx['EmblemUrl'] == "NULL")
{
$emblem = "NULL";
}
else
{
$emblem = anti_injection($_POST['emblem']);
}
$sql = mssql_query("SELECT Name FROM Clan WHERE Name = '$clanname'");
if(!$clanname){
echo $admingmp['60'];
}elseif(mssql_num_rows($sql)<>0){
$sql2 = mssql_query("UPDATE Clan SET Point='$points', Wins='$wins', Losses='$losses', Draws='$draws', EmblemUrl='$emblem' WHERE Name='$clanname'");
echo $admingmp['59'];
}else{
echo $admingmp['58'];
}
}
?>
Here's the full code for you.
This is what's happening:
When nothing is set in Emblem input, it takes whatever data that is already in the database and uses it in the update query as to not reset anything to 0.
Say I put nothing in the emblem input because I don't want to update it and the database value for Clan's EmblemUrl is NULL, it takes the NULL value, but sets it as a blank value when updating the row.